[kernel-sec-discuss] r4223 - active retired

Ben Hutchings benh at moszumanska.debian.org
Fri Mar 4 13:02:30 UTC 2016 

Author: benh
Date: 2016-03-04 13:02:26 +0000 (Fri, 04 Mar 2016)
New Revision: 4223

Added:
   retired/CVE-2015-7566
   retired/CVE-2015-7833
   retired/CVE-2015-8767
   retired/CVE-2016-0723
   retired/CVE-2016-0774
   retired/CVE-2016-2069
Removed:
   active/CVE-2015-7566
   active/CVE-2015-7833
   active/CVE-2015-8767
   active/CVE-2016-0723
   active/CVE-2016-0774
   active/CVE-2016-2069
Log:
Retire issues released in Debian branches and released/pending in upstream braches

Deleted: active/CVE-2015-7566
===================================================================
--- active/CVE-2015-7566	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2015-7566	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,15 +0,0 @@
-Description: Crash on invalid USB device descriptors in visor driver
-References:
- https://marc.info/?l=linux-usb&m=145260786729359&w=2
- https://bugzilla.redhat.com/show_bug.cgi?id=1283371
-Notes:
- bwh> Commit cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 fixes a related issue.
-Bugs:
-upstream: released (4.5-rc2) [cb3232138e37129e88240a98a1d2aba2187ff57c]
-3.16-upstream-stable: released (3.16.7-ckt25)
-3.2-upstream-stable: released (3.2.78) [usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: released (4.3.3-6) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]

Deleted: active/CVE-2015-7833
===================================================================
--- active/CVE-2015-7833	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2015-7833	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,14 +0,0 @@
-Description: usbvision: crash on invalid USB device descriptors
-References:
-Notes:
- bwh> linux versions 3.2.68-1+deb7u6, 3.16.7-ckt11-1+deb8u6 and 4.2.6-1
- bwh> have the first patch only.
-Bugs:
-upstream: released (4.5-rc1) [588afcc1c0e45358159090d95bf7b246fb67565f, fa52bd506f274b7619955917abfde355e3d19ffe]
-3.16-upstream-stable: released (3.16.7-ckt25)
-3.2-upstream-stable: released (3.2.77) [usbvision-fix-overflow-of-interfaces-array.patch, usbvision-fix-crash-on-detecting-device-with-invalid.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: released (4.2.6-2) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze17) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]

Deleted: active/CVE-2015-8767
===================================================================
--- active/CVE-2015-8767	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2015-8767	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,16 +0,0 @@
-Description: SCTP denial of service during heartbeat timeout functions
-References:
-Notes:
- bwh> I'm not sure exactly how far back this is needed as I can't see
- bwh> where the change of association is made.  But SCTP hasn't
- bwh> changed a whole lot since 2.6.32 and most other security fixes
- bwh> have been needed all the way back.
-Bugs:
-upstream: released (v4.3-rc4) [635682a14427d241bab7bbdeebb48a7d7b91638e]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77) [sctp-prevent-soft-lockup-when-sctp_accept-is-called-during-a.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: released (4.3.1-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]

Deleted: active/CVE-2016-0723
===================================================================
--- active/CVE-2016-0723	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2016-0723	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,12 +0,0 @@
-Description: use-after-free in TIOCGETD ioctl
-References: http://lkml.iu.edu/hypermail/linux/kernel/1511.3/03045.html
-Notes:
-Bugs:
-upstream: released (4.5-rc2) [5c17c861a357e9458001f021a7afa7aab9937439]
-3.16-upstream-stable: released (3.16.7-ckt25)
-3.2-upstream-stable: released (3.2.78) [tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: released (4.3.3-6) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]

Deleted: active/CVE-2016-0774
===================================================================
--- active/CVE-2016-0774	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2016-0774	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,12 +0,0 @@
-Description: Incorrect fix for CVE-2015-1805 for kernel versions < 3.16
-References: https://rhn.redhat.com/errata/RHSA-2016-0103.html
-Notes:
-Bugs:
-upstream: N/A "upstream fix was correct"
-3.16-upstream-stable: N/A "upstream fix was correct"
-3.2-upstream-stable: released (3.2.78) [pipe-fix-buffer-offset-after-partially-failed-read.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: N/A "upstream fix was correct"
-3.16-jessie-security: N/A "upstream fix was correct"
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/pipe-fix-buffer-offset-after-partially-failed-read.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze20) [bugfix/all/pipe-fix-buffer-offset-after-partially-failed-read.patch]

Deleted: active/CVE-2016-2069
===================================================================
--- active/CVE-2016-2069	2016-03-04 12:54:03 UTC (rev 4222)
+++ active/CVE-2016-2069	2016-03-04 13:02:26 UTC (rev 4223)
@@ -1,12 +0,0 @@
-Description: x86 Linux TLB flush bug
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [71b3c126e61177eb693423f2e18a1914205b165e, 4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77) [x86-mm-add-barriers-and-document-switch_mm-vs-flush.patch, x86-mm-improve-switch_mm-barrier-comments.patch]
-2.6.32-upstream-stable: pending (2.6.32.71)
-sid: released (4.3.5-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]

Copied: retired/CVE-2015-7566 (from rev 4222, active/CVE-2015-7566)
===================================================================
--- retired/CVE-2015-7566	                        (rev 0)
+++ retired/CVE-2015-7566	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,15 @@
+Description: Crash on invalid USB device descriptors in visor driver
+References:
+ https://marc.info/?l=linux-usb&m=145260786729359&w=2
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283371
+Notes:
+ bwh> Commit cac9b50b0d75a1d50d6c056ff65c005f3224c8e0 fixes a related issue.
+Bugs:
+upstream: released (4.5-rc2) [cb3232138e37129e88240a98a1d2aba2187ff57c]
+3.16-upstream-stable: released (3.16.7-ckt25)
+3.2-upstream-stable: released (3.2.78) [usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: released (4.3.3-6) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/usb-serial-visor-fix-crash-on-detecting-device-without-write_urbs.patch]

Copied: retired/CVE-2015-7833 (from rev 4222, active/CVE-2015-7833)
===================================================================
--- retired/CVE-2015-7833	                        (rev 0)
+++ retired/CVE-2015-7833	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,14 @@
+Description: usbvision: crash on invalid USB device descriptors
+References:
+Notes:
+ bwh> linux versions 3.2.68-1+deb7u6, 3.16.7-ckt11-1+deb8u6 and 4.2.6-1
+ bwh> have the first patch only.
+Bugs:
+upstream: released (4.5-rc1) [588afcc1c0e45358159090d95bf7b246fb67565f, fa52bd506f274b7619955917abfde355e3d19ffe]
+3.16-upstream-stable: released (3.16.7-ckt25)
+3.2-upstream-stable: released (3.2.77) [usbvision-fix-overflow-of-interfaces-array.patch, usbvision-fix-crash-on-detecting-device-with-invalid.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: released (4.2.6-2) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze17) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, bugfix/all/media-usbvision-fix-crash-on-detecting-device-with-i.patch]

Copied: retired/CVE-2015-8767 (from rev 4222, active/CVE-2015-8767)
===================================================================
--- retired/CVE-2015-8767	                        (rev 0)
+++ retired/CVE-2015-8767	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,16 @@
+Description: SCTP denial of service during heartbeat timeout functions
+References:
+Notes:
+ bwh> I'm not sure exactly how far back this is needed as I can't see
+ bwh> where the change of association is made.  But SCTP hasn't
+ bwh> changed a whole lot since 2.6.32 and most other security fixes
+ bwh> have been needed all the way back.
+Bugs:
+upstream: released (v4.3-rc4) [635682a14427d241bab7bbdeebb48a7d7b91638e]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77) [sctp-prevent-soft-lockup-when-sctp_accept-is-called-during-a.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: released (4.3.1-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/sctp-prevent-soft-lockup-when-sctp_accept-is-called-.patch]

Copied: retired/CVE-2016-0723 (from rev 4222, active/CVE-2016-0723)
===================================================================
--- retired/CVE-2016-0723	                        (rev 0)
+++ retired/CVE-2016-0723	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,12 @@
+Description: use-after-free in TIOCGETD ioctl
+References: http://lkml.iu.edu/hypermail/linux/kernel/1511.3/03045.html
+Notes:
+Bugs:
+upstream: released (4.5-rc2) [5c17c861a357e9458001f021a7afa7aab9937439]
+3.16-upstream-stable: released (3.16.7-ckt25)
+3.2-upstream-stable: released (3.2.78) [tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: released (4.3.3-6) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/all/tty-fix-unsafe-ldisc-reference-via-ioctl-tiocgetd.patch]

Copied: retired/CVE-2016-0774 (from rev 4222, active/CVE-2016-0774)
===================================================================
--- retired/CVE-2016-0774	                        (rev 0)
+++ retired/CVE-2016-0774	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,12 @@
+Description: Incorrect fix for CVE-2015-1805 for kernel versions < 3.16
+References: https://rhn.redhat.com/errata/RHSA-2016-0103.html
+Notes:
+Bugs:
+upstream: N/A "upstream fix was correct"
+3.16-upstream-stable: N/A "upstream fix was correct"
+3.2-upstream-stable: released (3.2.78) [pipe-fix-buffer-offset-after-partially-failed-read.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: N/A "upstream fix was correct"
+3.16-jessie-security: N/A "upstream fix was correct"
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/pipe-fix-buffer-offset-after-partially-failed-read.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze20) [bugfix/all/pipe-fix-buffer-offset-after-partially-failed-read.patch]

Copied: retired/CVE-2016-2069 (from rev 4222, active/CVE-2016-2069)
===================================================================
--- retired/CVE-2016-2069	                        (rev 0)
+++ retired/CVE-2016-2069	2016-03-04 13:02:26 UTC (rev 4223)
@@ -0,0 +1,12 @@
+Description: x86 Linux TLB flush bug
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [71b3c126e61177eb693423f2e18a1914205b165e, 4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77) [x86-mm-add-barriers-and-document-switch_mm-vs-flush.patch, x86-mm-improve-switch_mm-barrier-comments.patch]
+2.6.32-upstream-stable: pending (2.6.32.71)
+sid: released (4.3.5-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze19) [bugfix/x86/x86-mm-Add-barriers-and-document-switch_mm-vs-flush-.patch, bugfix/x86/x86-mm-Improve-switch_mm-barrier-comments.patch]

More information about the kernel-sec-discuss mailing list